Tuesday, September 15, 2009

Taiwan Faces Increasing Cyber Assaults

Defense News


Taiwan Faces Increasing Cyber Assaults


The computer systems at Taiwan’s Ministry of National Defense (MND) and the de facto U.S. embassy here, the American Institute in Taiwan (AIT), were attacked by hackers believed to be operating from China, an AIT source said.

Part of the cyber attack was in the form of a misinformation campaign. On June 5, a hacker managed to issue an e-mail attachment that contained a fake press release, purportedly from the Military Spokesman’s Office, describing a meeting between People’s First Party representatives and MND officials that distorted details of a recent bribery scandal here.

Some local media outlets reported the story, but others were suspicious enough to contact the MND and confirm what they now believe was an attempt by China to manipulate the Taiwan media and smear the MND. The MND quickly notified journalists not to download any attachments sent to them from the ministry.

Hackers also penetrated the Chunghwa Telecom’s Web mail system, used by the MND, and stole the account number and password.

“Our computer was intruded by a virus. That virus sent a news release to the media. Some of the information was incorrect,” said an MND source. Part of the attack used simplified Chinese characters that are only used in mainland China, while traditional Chinese characters are still used in Taiwan.

Chinese cyber attacks on Taiwan and the United States have been going on for some time. In 2003, China was suspected to have been behind the Titan Rain episode, in which U.S. military and government computer attacks were traced back to southern China’s Guangdong province. The People’s Liberation Army (PLA) is believed to have a special unit in the province dedicated to information warfare.

The Titan Rain episode included attacks on the U.S. Army Information Systems Engineering Command at Fort Huachuca, Ariz., the Defense Information Systems Agency in Arlington, Va., and the Naval Ocean Systems Center in San Diego.

A sophisticated cyber attack in 2005 on the British Parliament was believed, but not proved, to have come out of China.

According to a recent U.S. Defense Department report, “Military Power of the People’s Republic of China 2006,” China is “experimenting with strategy, doctrine and tactics for information warfare.

“During a military contingency, information warfare units could support active PLA forces by conducting ‘hacker attacks’ and network intrusions, or other forms of ‘cyber’ warfare, on an adversary’s military and commercial computer systems, while helping to defend Chinese networks,” the report says.

The Defense Department report notes that China has created information warfare units to develop viruses and, for the first time, initiated cyber warfare military exercises in 2005. “The PLA sees CNO [Computer Network Operations] as critical to seize the initiative and achieve ‘electromagnetic dominance’ early in a conflict, and as a force multiplier,” the report says.

Taiwan is a frequent victim of hacker attacks. During Taiwan’s 2000 election, when the pro-independence Democratic People’s Party (DPP), won the presidential election, several government Web sites were attacked.

Chinese hackers in 2001 launched 80,000 attacks on Taiwanese computers in February alone, according to local media reports that say that from 1996 to 2000, Chinese hackers launched around 250,000 attacks.

In August 2003 alone, Chinese hackers penetrated the systems of 30 government agencies and 88 private companies, including the MND, National Police Administration, the Central Election Commission and the Central Bank of China. The attacks were traced to Web sites registered in China’s Hubei and Fujian provinces as Lsaeraid.com, Feeledu.net, stockfound.com and memoryfree.com, local media reported.

Taiwan’s Straits Exchange Foundation issued a formal letter of complaint to China. The foundation handles cross-strait communications with China. There was no response to the complaint.

Attacks continued in 2004 on Web sites belonging to Taiwan’s Ministry of Finance, the Chinese Nationalist Party, the DPP and the MND’s Military News Agency.

The Taiwan National Security Council’s computer system last September was the target of an unsuccessful attack via e-mails containing a so-called Trojan horse program, from which a virus could be launched. Subject lines in the e-mails included “freedom” and “arms procurement.” The program was designed to download all files that opened the e-mails.